Latest revision as of 03:37, 15 February 2012

For security reasons, by default SMILA is configured to allow access to the HTTP and JMX servers only from the host SMILA is running on, i.e. using "localhost" adresses.

Warning
Making the HTTP and JMX interfaces accessible to other hosts may cause security problems because then everyone with access to the SMILA host can add, change, invoke pipelines, run jobs, clear stores and indexes, etc. Ideally, SMILA itself is not accessible to everyone, but there should be a web application for everyone to use so that the SMILA hosts and ports can be secured using firewalls or similar means. If you really need to expose the SMILA HTTP server to the world, you should check the Jetty Manual for ways to make it secure.

Enable HTTP remote access to SMILA by HTTP

There are two ways to change this:

Edit SMILA.ini and add this line to make the SMILA HTTP server listen on all network interfaces of the host:

...
-Djetty.host=0.0.0.0
...

Edit configuration/org.eclipse.smila.http.server/jetty.xml and edit the connector definition. E.g. remove the attributedefault="localhost" for setting the "host" property to let it listen on all network interfaces:

More fine-grained control is possible using the jetty.xml configuration, of course. Consult the Jetty Manual for details.

See also SMILA/Documentation/JettyHttpServer for more information about configuring the HTTP server.
For example, to change the HTTP server port, please edit configuration/org.eclipse.smila.clusterconfig.simple/clusterconfig.json.

Enable JMX remote access to SMILA

Edit SMILA.ini and remove this line to make the SMILA JMX server listen on all network interfaces of the host: